Merge pull request #383 from sparc-request/kg-protocol_filters_refactor

KG - Protocol Filters Admin Organizations Correctly (1.7.0)
sparc-request · May 18, 2016 · 5e0a427 · 5e0a427
2 parents a2c275a + 0bd1e5f
commit 5e0a427
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 6 deletions.
diff --git a/app/models/identity.rb b/app/models/identity.rb
@@ -327,7 +327,7 @@ def can_edit_fulfillment? organization
 
   def authorized_admin_organizations
     # returns organizations for which user is service provider or super user
-    Organization.authorized_for_identity(self.id).distinct || []
+    Organization.authorized_for_identity(self.id).distinct
   end
 
   # Collects all organizations that this identity has catalog manager permissions on, as well as
@@ -368,7 +368,7 @@ def admin_organizations su_only = {su_only: false}
     orgs = Organization.all
     organizations = []
     arr = organizations_for_users(orgs, su_only)
-
+    
     arr.each do |org|
       organizations << org.all_children(orgs)
     end

diff --git a/app/models/organization.rb b/app/models/organization.rb
@@ -63,11 +63,18 @@ class Organization < ActiveRecord::Base
   accepts_nested_attributes_for :submission_emails
   accepts_nested_attributes_for :available_statuses, :allow_destroy => true
 
+  #TODO:  In rails 5, the .or operator will be added for ActiveRecord queries. We should try to 
+  #       condense this to a single query at that point
   scope :authorized_for_identity, -> (identity_id) {
-    # returns organizations for which
-    # identity_id is service provider or super user.
-    joins(:service_providers).joins(:super_users).
-    where("service_providers.identity_id = ? OR super_users.identity_id = ?", identity_id, identity_id)
+    super_user_orgs                 = joins(:super_users).where(super_users: {identity_id: identity_id} ).distinct
+    service_provider_orgs           = joins(:service_providers).where(service_providers: {identity_id: identity_id} ).distinct
+
+    super_user_orgs_children        = authorized_child_organizations(super_user_orgs.pluck(:id))
+    service_provider_orgs_children  = authorized_child_organizations(service_provider_orgs.pluck(:id))
+
+    #To get around merge-and in activerecord, we get all the organizations as an array, then convert it back
+    #to an ActiveRecord Relation through another query on the IDs
+    Organization.where(id: (super_user_orgs | super_user_orgs_children | service_provider_orgs | service_provider_orgs_children) ).distinct
   }
 
   scope :in_cwf, -> { joins(:tags).where(tags: { name: 'clinical work fulfillment' }) }
@@ -358,4 +365,15 @@ def has_tag? tag
       return false
     end
   end
+
+  private
+
+  def self.authorized_child_organizations(org_ids)
+    if org_ids.empty?
+      []
+    else
+      orgs = Organization.where(parent_id:  org_ids)
+      orgs | authorized_child_organizations(orgs.pluck(:id))
+    end
+  end
 end